乐趣区

关于java:发布jar包到maven中央仓库

配置环境

装置 java 环境

链接:https://pan.baidu.com/s/1o-wFA-m33JQs-sQJ-DgRaQ 
提取码:ux7j

下载到服务器之后解压到指定地位


$ mkdir /usr/java
$ tar xzf jdk-8u301-linux-x64.tar.gz  -C /usr/java
$ vim /etc/profile

写入上面的内容

export JAVA_HOME=/usr/java/jdk1.8.0_301
export CLASSPATH=$JAVA_HOME/lib/tools.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib
export PATH=$JAVA_HOME/bin:$PATH

保留退出
执行 source /etc/profile 使配置文件失效。

验证是否装置胜利

 $ java -version
   java version "1.8.0_301"
   Java(TM) SE Runtime Environment (build 1.8.0_301-b09)
   Java HotSpot(TM) 64-Bit Server VM (build 25.301-b09, mixed mode)

看到这个就示意装置胜利了。

装置maven

$ mkdir /usr/mvn
$ cd /usr/mvn
$ wget https://mirrors.tuna.tsinghua.edu.cn/apache/maven/maven-3/3.8.1/binaries/apache-maven-3.8.1-bin.tar.gz
$ tar -zxvf apache-maven-3.8.1-bin.tar.gz
$ vim /etc/profile

写入上面内容

export MAVEN_HOME=/usr/mvn/apache-maven-3.8.1

export PATH=$PATH:$MAVEN_HOME/bin

保留退出
执行 source /etc/profile 使配置文件失效。

验证是否装置胜利

 $ mvn -version
 Maven home: /usr/mvn/apache-maven-3.8.1
 Java version: 1.8.0_301, vendor: Oracle Corporation, runtime: /usr/java/jdk1.8.0_301/jre
 Default locale: en_US, platform encoding: UTF-8
 OS name: "linux", version: "4.18.0-240.10.1.el8_3.x86_64", arch: "amd64", family: "unix"

其余工具

$ yum install git gpg -y

如果曾经装置能够跳过这步

注册 sonatype 账号

点击 注册一个新的账户。

登录之后新建一个issues

按要求填写就能够了,次要说一个 Group Id
如果你的代码时托管在Github 上的,那么写 Group Id 的时候就不能写
com.github.xxx 了, 我应用 io 结尾,详情在这里

创立实现之后会跳转到这个连贯 https://issues.sonatype.org/browse/OSSRH-xxxx, 当看到这个连贯之后,你要在你的Github 上创立一个仓库,来证实你是这个 Github 的客人,仓库的名字就是连贯里的OSSRH-xxxx

创立后的仓库连贯为 https://github.com/yourgithubname/OSSRH-xxxx, 而后在帖子上面留言通知管理员这个仓库你曾经创立好了名字为OSSRH-xxxx 的仓库, 这样能够省去他让你证实你是这个账户的拥有者,提高效率。等到管理员回复之后就能够上传 jar 包了。

上面是管理员的回复,看到这个就示意实现了。

io.github.xxx has been prepared, now user(s) youname can:
Publish snapshot and release artifacts to s01.oss.sonatype.org
Have a look at this section of our official guide for deployment instructions:
https://central.sonatype.org/publish/publish-guide/#deployment

Depending on your build configuration, your first component(s) might be released automatically after a successful deployment.
If that happens, you will see a comment on this ticket confirming that your artifact has synced to Maven Central.
If you do not see this comment within an hour or two, you can follow the steps in this section of our guide:
https://central.sonatype.org/publish/release/

######

As part of our efforts to improve the security and quality posture of the open source supply chain,
we plan to enable additional scanning of dependencies for security alerts soon. Since you're already
hosting your source code in Github, you can get these insights today by enabling Sonatype Lift.
Sonatype Lift is free forever on public repositories! Lift tells you about open source vulnerabilities
during code review, and goes beyond open source to scan your code for both code quality and security issues,
providing feedback right in your pull requests.
More information can be found at https://links.sonatype.com/products/lift/github-integration

######

公布前的筹备

批改 pom 文件


  <groupId>io.github.xxxx</groupId>
  <artifactId>xxxx</artifactId>
  <version>1.0.0</version>
  <name>xxx</name>
  <url>xxxx</url>
  <description>xxxxx</description>
  <distributionManagement>
      <snapshotRepository>
          <id>ossrh</id>
          <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
      </snapshotRepository>
      <repository>
          <id>ossrh</id>
          <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
      </repository>
  </distributionManagement>
  <build>
      <plugins>

          <plugin>
              <groupId>org.apache.maven.plugins</groupId>
              <artifactId>maven-compiler-plugin</artifactId>
              <version>3.1</version>
              <configuration>
                  <source>1.8</source>
                  <target>1.8</target>
              </configuration>
          </plugin>
          <!-- Source -->
          <plugin>
              <groupId>org.apache.maven.plugins</groupId>
              <artifactId>maven-source-plugin</artifactId>
              <version>2.2.1</version>
              <executions>
                  <execution>
                      <phase>package</phase>
                      <goals>
                          <goal>jar-no-fork</goal>
                      </goals>
                  </execution>
              </executions>
          </plugin>
          <!-- Javadoc -->
          <plugin>
              <groupId>org.apache.maven.plugins</groupId>
              <artifactId>maven-javadoc-plugin</artifactId>
              <version>2.9.1</version>
              <configuration>
                  <additionalparam>-Xdoclint:none</additionalparam>
              </configuration>
              <executions>
                  <execution>
                      <phase>package</phase>
                      <goals>
                          <goal>jar</goal>
                      </goals>
                  </execution>
              </executions>
          </plugin>
          <!-- GPG mvn clean deploy -P release -Dgpg.passphrase=YourPassphase -->
          <plugin>
              <groupId>org.apache.maven.plugins</groupId>
              <artifactId>maven-gpg-plugin</artifactId>
              <version>1.5</version>
              <executions>
                  <execution>
                      <id>sign-artifacts</id>
                      <phase>verify</phase>
                      <goals>
                          <goal>sign</goal>
                      </goals>
                  </execution>
              </executions>
          </plugin>
      </plugins>
  </build>

  <licenses>
      <license>
          <name>MIT License</name>
          <url>https://github.com/xxx/xxx/xxxxxx/master/LICENSE</url>
          <distribution>repo,manual</distribution>
      </license>
  </licenses>
  <developers>
      <developer>
          <name>xxx</name>
          <email>xxxx</email>
          <url>xxxx</url>
      </developer>
  </developers>
  <scm>
      <connection>scm:git:https://github.com/xxx/xxxx.git</connection>
      <developerConnection>scm:git:https://github.com/xxxx/xxxx.git</developerConnection>
      <url>https://github.com/xxxx/xxxxx</url>
      <tag>0.0.1</tag>
  </scm>

只需批改和本人相干的内容即可,文中用 xxxx 示意,其余的不须要批改

Group Id肯定要和申请的保持一致

上传gpg key

$  gpg generate-key
# 依照提醒输出用户名和邮箱,最初会输出一个明码,记住这个明码上面会用 

将公钥发送到 PGP 密钥服务器

$   gpg --keyserver hkp://keyserver.ubuntu.com:11371 --send-keys 6107DF0A8EE6A62EABFDD12914F722543E7D2C1E

返回后果

gpg: 将密钥‘14F722543E7D2C1E’上传到 hkp://keyserver.ubuntu.com:11371

验证是否上传胜利

$   gpg --keyserver hkp://keyserver.ubuntu.com:11371 --recv-keys 6107DF0A8EE6A62EABFDD12914F722543E7D2C1E

返回后果

gpg: 密钥 14F722543E7D2C1E:“houbb <XXX@XX.com>”未扭转
gpg: 共计被解决的数量:1
gpg:           未扭转:1

setting.xml

<?xml version="1.0" encoding="UTF-8"?>

<settings xmlns="http://maven.apache.org/SETTINGS/1.2.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 http://maven.apache.org/xsd/settings-1.2.0.xsd">
  <servers>
    <server>
      <id>ossrh</id>
      <username>sonatype 账号 </username>
      <password>sonatype 明码 </password>
    </server>
  </servers>
  <profiles>
   <profile>
      <id>ossrh</id>
      <activation>
        <activeByDefault>true</activeByDefault>
      </activation>
      <properties>
        <gpg.executable>gpg2</gpg.executable>
        <gpg.passphrase>gpg 公钥的明码 </gpg.passphrase>
      </properties>
    </profile>
  </profiles>
</settings>

留神判断 mvn 应用的 setting.xml 是哪里的,个别在 mvn 主目录下的 conf 文件夹和用户目录下的 .m2 文件夹

上传程序

在我的项目根目录下执行

$ mvn clean deploy

稍等片刻会呈现一个窗口,输出 gpg 的明码

看到这个示意曾经上传胜利了。

上传胜利之后登录到https://s01.oss.sonatype.org/, 账号就是一开始注册的 sonatype 账号。

登录之后会点击 Staging Repositories 会看到这个页面,选中记录点击close, 胜利之后点击Release

到这步就曾经功败垂成了, 稍等片刻就能够在这里看到上传的包了

比方 Group Idio.github.xxx

artifactIdtool

version1.0.0,

查看地址就是https://repo.maven.apache.org/maven2/io/github/xxx/tool/1.0.0

如果下面这个连贯能够查到,就曾经能够在我的项目中应用了。同步到地方仓库的工夫不太确定。

公布胜利之后去帖子上回复一下,通知管理员公布胜利了。

遇到的问题

  • 执行 mvn deploy 的时候总是返回401 谬误,找了各种方法都不能解决,从新注册了个账户就能够了,不晓得是为什么。
  • repository地址曾经扭转了,当初网上大部分的文章都是旧的,新的是这样的

    <distributionManagement>
      <snapshotRepository>
          <id>ossrh</id>
          <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
      </snapshotRepository>
      <repository>
          <id>ossrh</id>
          <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
      </repository>
    </distributionManagement>

官网文档有最新的配置信息,遇到问题之后还是要先查官网文档

  • centos 公布时报错
    Failed to execute goal org.apache.maven.plugins:maven-gpg-plugin:1.6:sign

    解决办法

退出移动版